[ 403.267645] syz-executor.1 (6191) used greatest stack depth: 23032 bytes left
[ 404.179761] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 404.187272] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 404.195786] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 404.203227] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 404.211568] device bridge_slave_1 left promiscuous mode
[ 404.218651] bridge0: port 2(bridge_slave_1) entered disabled state
[ 404.275949] device bridge_slave_0 left promiscuous mode
[ 404.284406] bridge0: port 1(bridge_slave_0) entered disabled state
[ 404.328564] device veth1_macvtap left promiscuous mode
[ 404.334241] device veth0_macvtap left promiscuous mode
[ 404.340584] device veth1_vlan left promiscuous mode
[ 404.347501] device veth0_vlan left promiscuous mode
[ 404.437773] device hsr_slave_1 left promiscuous mode
[ 404.478626] device hsr_slave_0 left promiscuous mode
[ 404.521890] team0 (unregistering): Port device team_slave_1 removed
[ 404.531573] team0 (unregistering): Port device team_slave_0 removed
[ 404.541765] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 404.589793] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 404.645145] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.0.18' (ECDSA) to the list of known hosts.
[ 408.388296] list_del corruption, ffff8881c1c77640->next is LIST_POISON1 (dead000000000100)
[ 408.396531] list_del corruption, ffff8881c3727640->next is LIST_POISON1 (dead000000000100)
[ 408.397119] ------------[ cut here ]------------
[ 408.405608] ------------[ cut here ]------------
[ 408.410485] kernel BUG at lib/list_debug.c:47!
[ 408.410499] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 408.415313] kernel BUG at lib/list_debug.c:47!
[ 408.419872] CPU: 1 PID: 20073 Comm: syz-executor901 Not tainted 4.19.191-syzkaller #0
[ 408.438213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 408.447643] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[ 408.453543] Code: f8 ff 0f 0b 4c 89 e2 48 89 de 48 c7 c7 00 7a 8b 87 e8 cb 2e f8 ff 0f 0b 4c 89 ea 48 89 de 48 c7 c7 a0 79 8b 87 e8 b7 2e f8 ff <0f> 0b 48 89 de 48 c7 c7 c0 7a 8b 87 e8 a6 2e f8 ff 0f 0b 48 89 de
[ 408.472996] RSP: 0018:ffff8881c1c774d0 EFLAGS: 00010086
[ 408.478606] RAX: 000000000000004e RBX: ffff8881c1c77640 RCX: 0000000000000000
[ 408.486055] RDX: 0000000000000000 RSI: ffffffff878b7700 RDI: ffffffff8a3e3aa0
[ 408.493413] RBP: ffff8881c1c774e8 R08: ffffed103ece5081 R09: ffffed103ece5080
[ 408.500924] R10: ffffed103ece5080 R11: ffff8881f6728407 R12: dead000000000200
[ 408.508348] R13: dead000000000100 R14: ffff8881d4fba0c0 R15: ffff8881e0ae9140
[ 408.515756] FS: 00007f4757bdb700(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000
[ 408.524105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 408.530065] CR2: 00005555d8a4f378 CR3: 00000001f3833002 CR4: 00000000001606e0
[ 408.537502] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 408.544761] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 408.554071] Call Trace:
[ 408.557020] remove_wait_queue+0x30/0x1b0
[ 408.561825] tipc_send_group_bcast+0x33a/0xa10
[ 408.568154] ? tipc_release+0xbd0/0xbd0
[ 408.572399] ? rcu_read_lock_sched_held+0x108/0x120
[ 408.579584] ? kmem_cache_free+0x25e/0x290
[ 408.584424] ? do_wait_intr_irq+0x310/0x310
[ 408.590301] ? __lock_acquire+0x764/0x47c0
[ 408.594804] ? __lock_acquire+0x764/0x47c0
[ 408.599248] __tipc_sendmsg+0x449/0x12c0
[ 408.605042] ? tipc_sendmcast+0xb10/0xb10
[ 408.609390] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 408.614797] ? lockdep_hardirqs_on+0x296/0x5b0
[ 408.619494] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 408.624338] ? trace_hardirqs_on_caller+0x28/0x180
[ 408.629493] ? mark_held_locks+0xc7/0x130
[ 408.633649] ? __local_bh_enable_ip+0x160/0x250
[ 408.638378] ? lock_sock_nested+0xc5/0x100
[ 408.643128] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 408.647709] ? __local_bh_enable_ip+0x160/0x250
[ 408.652593] ? trace_hardirqs_on+0x28/0x190
[ 408.657201] ? lock_sock_nested+0x82/0x100
[ 408.661507] ? lock_sock_nested+0x82/0x100
[ 408.666153] ? __local_bh_enable_ip+0x160/0x250
[ 408.671114] tipc_sendmsg+0x4b/0x70
[ 408.674843] ? __tipc_sendmsg+0x12c0/0x12c0
[ 408.679247] sock_sendmsg+0xac/0xf0
[ 408.683157] ___sys_sendmsg+0x28e/0x950
[ 408.687331] ? copy_msghdr_from_user+0x430/0x430
[ 408.692480] ? mark_held_locks+0x130/0x130
[ 408.696895] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 408.702089] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 408.707157] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 408.712121] ? trace_hardirqs_on_caller+0x28/0x180
[ 408.717449] ? retint_kernel+0x2d/0x2d
[ 408.721623] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 408.726506] ? __might_fault+0xf1/0x1b0
[ 408.730764] ? lock_downgrade+0x860/0x860
[ 408.735008] __sys_sendmmsg+0x160/0x370
[ 408.739501] ? __ia32_sys_sendmsg+0xb0/0xb0
[ 408.743891] ? tipc_setsockopt+0x52f/0x870
[ 408.748585] ? fput+0x18/0x120
[ 408.751767] ? do_futex+0x1530/0x1530
[ 408.755555] ? kernel_accept+0x300/0x300
[ 408.759703] ? __sys_socket+0x115/0x1d0
[ 408.763758] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 408.768548] ? do_syscall_64+0x21/0x4e0
[ 408.772506] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 408.777952] __x64_sys_sendmmsg+0x98/0x100
[ 408.782177] do_syscall_64+0xd0/0x4e0
[ 408.785977] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 408.791320] RIP: 0033:0x4459c9
[ 408.794791] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 408.814112] RSP: 002b:00007f4757bdb318 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 408.821793] RAX: ffffffffffffffda RBX: 00000000004ca428 RCX: 00000000004459c9
[ 408.829210] RDX: 08000000000000b0 RSI: 0000000020000a40 RDI: 0000000000000004
[ 408.836453] RBP: 00000000004ca420 R08: 0000000000000000 R09: 0000000000000000
[ 408.843933] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000049a064
[ 408.851454] R13: 00007ffde16172ef R14: 00007f4757bdb400 R15: 0000000000022000
[ 408.859681] Modules linked in:
[ 408.862884] ---[ end trace f71e9c44cf2820c2 ]---
[ 408.862924] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[ 408.867628] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[ 408.873469] CPU: 0 PID: 20085 Comm: syz-executor901 Tainted: G D 4.19.191-syzkaller #0
[ 408.879603] Code: f8 ff 0f 0b 4c 89 e2 48 89 de 48 c7 c7 00 7a 8b 87 e8 cb 2e f8 ff 0f 0b 4c 89 ea 48 89 de 48 c7 c7 a0 79 8b 87 e8 b7 2e f8 ff <0f> 0b 48 89 de 48 c7 c7 c0 7a 8b 87 e8 a6 2e f8 ff 0f 0b 48 89 de
[ 408.889027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 408.908450] RSP: 0018:ffff8881c1c774d0 EFLAGS: 00010086
[ 408.918446] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[ 408.923962] RAX: 000000000000004e RBX: ffff8881c1c77640 RCX: 0000000000000000
[ 408.929883] Code: f8 ff 0f 0b 4c 89 e2 48 89 de 48 c7 c7 00 7a 8b 87 e8 cb 2e f8 ff 0f 0b 4c 89 ea 48 89 de 48 c7 c7 a0 79 8b 87 e8 b7 2e f8 ff <0f> 0b 48 89 de 48 c7 c7 c0 7a 8b 87 e8 a6 2e f8 ff 0f 0b 48 89 de
[ 408.937235] RDX: 0000000000000000 RSI: ffffffff878b7700 RDI: ffffffff8a3e3aa0
[ 408.956679] RSP: 0018:ffff8881c37274d0 EFLAGS: 00010086
[ 408.964110] RBP: ffff8881c1c774e8 R08: ffffed103ece5081 R09: ffffed103ece5080
[ 408.969447] RAX: 000000000000004e RBX: ffff8881c3727640 RCX: 0000000000000000
[ 408.977060] R10: ffffed103ece5080 R11: ffff8881f6728407 R12: dead000000000200
[ 408.984739] RDX: 0000000000000000 RSI: ffffffff878b7700 RDI: ffffffff8a3e3aa0
[ 408.991991] R13: dead000000000100 R14: ffff8881d4fba0c0 R15: ffff8881e0ae9140
[ 408.999321] RBP: ffff8881c37274e8 R08: ffffed103ecc5081 R09: ffffed103ecc5080
[ 408.999325] R10: ffffed103ecc5080 R11: ffff8881f6628407 R12: dead000000000200
[ 409.006582] FS: 00007f4757bdb700(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000
[ 409.014287] R13: dead000000000100 R14: ffff8881ea1f5900 R15: ffff8881d6f73940
[ 409.021620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 409.029907] FS: 00007f4757bdb700(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000
[ 409.037249] CR2: 00005555d8a4f378 CR3: 00000001f3833002 CR4: 00000000001606e0
[ 409.037254] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 409.043199] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 409.051713] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 409.058972] CR2: 00000000004d0600 CR3: 00000001df4d8001 CR4: 00000000001606f0
[ 409.066349] Kernel panic - not syncing: Fatal exception
[ 409.072391] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 409.102518] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 409.109772] Call Trace:
[ 409.112540] remove_wait_queue+0x30/0x1b0
[ 409.116691] tipc_send_group_bcast+0x33a/0xa10
[ 409.121338] ? tipc_release+0xbd0/0xbd0
[ 409.125299] ? do_wait_intr_irq+0x310/0x310
[ 409.129597] ? __lock_acquire+0x764/0x47c0
[ 409.134503] ? _raw_spin_unlock_irq+0x27/0x90
[ 409.139336] ? finish_task_switch+0x14a/0x700
[ 409.144202] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 409.148941] ? _raw_spin_unlock_irq+0x27/0x90
[ 409.153646] __tipc_sendmsg+0x449/0x12c0
[ 409.157971] ? tipc_sendmcast+0xb10/0xb10
[ 409.162283] ? mark_held_locks+0x130/0x130
[ 409.166595] ? __might_sleep+0x95/0x190
[ 409.171134] ? mark_held_locks+0xc7/0x130
[ 409.175484] ? __local_bh_enable_ip+0x160/0x250
[ 409.180333] ? lock_sock_nested+0xc5/0x100
[ 409.184655] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 409.189324] ? __local_bh_enable_ip+0x160/0x250
[ 409.193975] ? trace_hardirqs_on+0x28/0x190
[ 409.198273] ? lock_sock_nested+0x82/0x100
[ 409.202496] ? lock_sock_nested+0x82/0x100
[ 409.206730] ? __local_bh_enable_ip+0x160/0x250
[ 409.211421] tipc_sendmsg+0x4b/0x70
[ 409.215206] ? __tipc_sendmsg+0x12c0/0x12c0
[ 409.219525] sock_sendmsg+0xac/0xf0
[ 409.223243] ___sys_sendmsg+0x28e/0x950
[ 409.227195] ? copy_msghdr_from_user+0x430/0x430
[ 409.231941] ? __fget+0x285/0x400
[ 409.235398] ? lock_downgrade+0x860/0x860
[ 409.239529] ? kasan_check_read+0x11/0x20
[ 409.243682] ? __fget+0x2a2/0x400
[ 409.247122] ? do_dup2+0x3f0/0x3f0
[ 409.250639] ? futex_exit_release+0x60/0x60
[ 409.254946] ? __fget_light+0x174/0x1e0
[ 409.259012] ? _raw_spin_unlock_bh+0x30/0x40
[ 409.263397] ? __fdget+0xe/0x10
[ 409.266685] ? sockfd_lookup_light+0x1c/0x160
[ 409.271254] __sys_sendmmsg+0x160/0x370
[ 409.275316] ? __ia32_sys_sendmsg+0xb0/0xb0
[ 409.279617] ? tipc_setsockopt+0x52f/0x870
[ 409.284093] ? trace_hardirqs_on_caller+0x28/0x180
[ 409.289005] ? do_futex+0x1530/0x1530
[ 409.292787] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 409.297524] ? do_syscall_64+0x21/0x4e0
[ 409.301925] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 409.307530] __x64_sys_sendmmsg+0x98/0x100
[ 409.311828] do_syscall_64+0xd0/0x4e0
[ 409.316053] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 409.321489] RIP: 0033:0x4459c9
[ 409.324705] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 409.344218] RSP: 002b:00007f4757bdb318 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 409.352769] RAX: ffffffffffffffda RBX: 00000000004ca428 RCX: 00000000004459c9
[ 409.360192] RDX: 08000000000000b0 RSI: 0000000020000a40 RDI: 0000000000000004
[ 409.367440] RBP: 00000000004ca420 R08: 0000000000000000 R09: 0000000000000000
[ 409.374782] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000049a064
[ 409.382178] R13: 00007ffde16172ef R14: 00007f4757bdb400 R15: 0000000000022000
[ 409.390214] Modules linked in:
[ 409.393389] ---[ end trace f71e9c44cf2820c3 ]---
[ 409.398213] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[ 409.404075] Code: f8 ff 0f 0b 4c 89 e2 48 89 de 48 c7 c7 00 7a 8b 87 e8 cb 2e f8 ff 0f 0b 4c 89 ea 48 89 de 48 c7 c7 a0 79 8b 87 e8 b7 2e f8 ff <0f> 0b 48 89 de 48 c7 c7 c0 7a 8b 87 e8 a6 2e f8 ff 0f 0b 48 89 de
[ 409.423149] RSP: 0018:ffff8881c1c774d0 EFLAGS: 00010086
[ 409.428769] RAX: 000000000000004e RBX: ffff8881c1c77640 RCX: 0000000000000000
[ 409.436031] RDX: 0000000000000000 RSI: ffffffff878b7700 RDI: ffffffff8a3e3aa0
[ 409.443367] RBP: ffff8881c1c774e8 R08: ffffed103ece5081 R09: ffffed103ece5080
[ 409.450716] R10: ffffed103ece5080 R11: ffff8881f6728407 R12: dead000000000200
[ 409.458072] R13: dead000000000100 R14: ffff8881d4fba0c0 R15: ffff8881e0ae9140
[ 409.465495] FS: 00007f4757bdb700(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000
[ 409.473899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 409.479933] CR2: 00000000004d0600 CR3: 00000001df4d8001 CR4: 00000000001606f0
[ 409.487359] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 409.494899] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 410.197250] Shutting down cpus with NMI
[ 410.203848] Kernel Offset: disabled
[ 410.207712] Rebooting in 86400 seconds..